投稿時間:2022-01-28 02:32:53 RSSフィード2022-01-28 02:00 分まとめ(35件)

カテゴリー等	サイト名等	記事タイトル・トレンドワード等	リンクURL	頻出ワード・要約等/検索ボリューム	登録日
IT	気になる、記になる…	｢iMac 27インチ｣のNano-textureガラス搭載モデルの納期が3月下旬以降に	https://taisy0.com/2022/01/28/151296.html	apple	2022-01-27 16:02:57
python	Pythonタグが付けられた新着投稿 - Qiita	Streamlitで作ったWebアプリをコンテナ化してデプロイ（Windows10、Python3.9、Azure Container Registry）	https://qiita.com/SatoshiGachiFujimoto/items/d8273194e88d8eb30213	Streamlitで作ったWebアプリをコンテナ化してデプロイWindows、Python、AzureContainerRegistryはじめに最寄りのバス停にバスがあと何分で着くかだけを表示するもの作ったんですけど、最寄りのバス停にバスがあと何分で着くかだけを表示するものなんだけど、番よく使う熊本MaaSMStackGTFSpictwittercompjmSrhtCeーがちもとさんメタバース熊本sotongshiDecemberStreamlitに対応したので、できたーpictwittercomJEjrJbjーがちもとさんメタバース熊本sotongshiJanuaryデプロイしてみました。	2022-01-28 01:18:06
Docker	dockerタグが付けられた新着投稿 - Qiita	Streamlitで作ったWebアプリをコンテナ化してデプロイ（Windows10、Python3.9、Azure Container Registry）	https://qiita.com/SatoshiGachiFujimoto/items/d8273194e88d8eb30213	Streamlitで作ったWebアプリをコンテナ化してデプロイWindows、Python、AzureContainerRegistryはじめに最寄りのバス停にバスがあと何分で着くかだけを表示するもの作ったんですけど、最寄りのバス停にバスがあと何分で着くかだけを表示するものなんだけど、番よく使う熊本MaaSMStackGTFSpictwittercompjmSrhtCeーがちもとさんメタバース熊本sotongshiDecemberStreamlitに対応したので、できたーpictwittercomJEjrJbjーがちもとさんメタバース熊本sotongshiJanuaryデプロイしてみました。	2022-01-28 01:18:06
Azure	Azureタグが付けられた新着投稿 - Qiita	Streamlitで作ったWebアプリをコンテナ化してデプロイ（Windows10、Python3.9、Azure Container Registry）	https://qiita.com/SatoshiGachiFujimoto/items/d8273194e88d8eb30213	Streamlitで作ったWebアプリをコンテナ化してデプロイWindows、Python、AzureContainerRegistryはじめに最寄りのバス停にバスがあと何分で着くかだけを表示するもの作ったんですけど、最寄りのバス停にバスがあと何分で着くかだけを表示するものなんだけど、番よく使う熊本MaaSMStackGTFSpictwittercompjmSrhtCeーがちもとさんメタバース熊本sotongshiDecemberStreamlitに対応したので、できたーpictwittercomJEjrJbjーがちもとさんメタバース熊本sotongshiJanuaryデプロイしてみました。	2022-01-28 01:18:06
海外TECH	MakeUseOf	Who’s Been Using Your Mac Behind Your Back? Find Out!	https://www.makeuseof.com/tag/whos-been-using-your-mac-behind-your-back-find-out/	software	2022-01-27 16:45:17
海外TECH	MakeUseOf	Overcoming Digital Anxiety in a Post-Pandemic World	https://www.makeuseof.com/overcoming-digital-anxiety-post-pandemic-world/	Overcoming Digital Anxiety in a Post Pandemic WorldCOVID and the related isolation increased many people s digital anxiety Here s how to overcome it without disconnecting yourself from the world	2022-01-27 16:30:12
海外TECH	MakeUseOf	Why You Need to Install iOS 15.3 Right Now	https://www.makeuseof.com/ios-15-3-why-you-need-to-update/	users	2022-01-27 16:24:18
海外TECH	MakeUseOf	How to Reset Microsoft Store in Windows 10 and 11	https://www.makeuseof.com/windows-10-11-reset-microsoft-store/	windows	2022-01-27 16:16:12
海外TECH	DEV Community	What the heck is even reverse engineering? SRE Explained.	https://dev.to/dumboprogrammer/what-the-heck-is-even-reverse-engineering-sre-explained-4ll4	What the heck is even reverse engineering SRE Explained Explanationbasically you turn binary back to source codeReverse engineering also known as backwards engineering or back engineering is a process or method through which one attempts to understand through deductive reasoning how a previously made device process system or piece of software accomplishes a task with very little if any insight into exactly how it does so SRE means software reverse engineering There are two components in reverse engineering redocumentation and design recovery Redocumentation is the creation of new representation of the computer code so that it is easier to understand Meanwhile design recovery is the use of deduction or reasoning from general knowledge or personal experience of the product to understand the product s functionality fully It can also be seen as going backwards through the development cycle In this model the output of the implementation phase in source code form is reverse engineered back to the analysis phase in an inversion of the traditional waterfall model Another term for this technique is program comprehension The Working Conference on Reverse Engineering WCRE has been held yearly to explore and expand the techniques of reverse engineering Computer aided software engineering CASE and automated code generation have contributed greatly in the field of reverse engineering Software anti tamper technology like obfuscation is used to deter both reverse engineering and re engineering of proprietary software and software powered systems In practice two main types of reverse engineering emerge In the first case source code is already available for the software but higher level aspects of the program which are perhaps poorly documented or documented but no longer valid are discovered In the second case there is no source code available for the software and any efforts towards discovering one possible source code for the software are regarded as reverse engineering The second usage of the term is more familiar to most people Reverse engineering of software can make use of the clean room design technique to avoid copyright infringement On a related note black box testing in software engineering has a lot in common with reverse engineering The tester usually has the API but has the goals to find bugs and undocumented features by bashing the product from outside How to do it Tooling for itSo most of the time source code doesn t come raw instead in binary We can disassemble the binary to assembly using something called a disassembler I use something called Ghidra made by NSA	2022-01-27 16:45:28
海外TECH	DEV Community	Deploy a Kubernetes Cluster based on Calico and openSUSE Kubic	https://dev.to/hollowman6/deploy-a-kubernetes-cluster-based-on-calico-and-opensuse-kubic-31d0	Deploy a Kubernetes Cluster based on Calico and openSUSE Kubic IntroductionopenSUSE Kubic is a certified Kubernetes Distribution based on openSUSE MicroOS Calico is an open source project that can be used by Kubernetes to deploy a pod network to the cluster In this blog I will show you how to deploy a Kubernetes Cluster based on Calico and openSUSE Kubic by a Virtual Machine We are going to deploy a cluster that has a master and a worker I was intended to use Oracle VM VirtualBox However it turned out that on my machine when I tried to run kubeadm at openSUSE Kubic in VirtualBox it always stuck at watchdog BUG soft lockup CPU stuck for xxs with CPU usage around As a result I switched to VMware Workstation Pro and the issue got solved Guess it s caused by some bugs of VirtualBox Steps Create the Virtual Machine and Install openSUSE KubicHere I won t explain how to do these things but share some important things to note just refer to their documents if you don t know or have any questions Here is my configuration for the Virtual Machine Recommend that your host machine has a memory that is larger than GB so that more than GB of memory can be assigned to the Virtual Machine for it to run smoothly In order for the Virtual Machines to be connected to each other and also connect to the Internet you can set the Network Adapter to be Bridged Automatic For openSUSE Kubic Installation remember to choose kubeadm Node when it comes to System Role as it will deploy a Weave pod network cluster instead of Calico if you choose to use Kubic I suggest that you can install the openSUSE Kubic in one Virtual Machine later after successful installation clone that Virtual Machine assign one as master and another worker Remember to do a full clone Configuring the MasterWhen you boot into the master Virtual Machine you can see your IP address in the notification part In my case it s Take note of that For the convenience of copy and paste commands we can use SSH to log into the system To configure that first log into the system with root account Second execute vi etc ssh sshd config d enable root password conf type i to insert write the following into the file PasswordAuthentication yesPermitRootLogin yesThis will enable SSH root password login although it s not recommended if you are in production When editing is finished press ESC then type wq to save and exit Kubeadm InitRun kubeadm config images pull to pull the container images required for Kubernetes You can also specify the image repository if in your location registry opensuse org downloading speed is too slow In my case in China I ll use Aliyun to speed up kubeadm config images pull image repository registry aliyuncs com google containersThen run kubeadm init apiserver advertise address lt Your Master IP Address gt pod network cidr replace lt Your Master IP Address gt with the IP address you just noted If you specified the image repository in the last step also append that to this command Wait for it to finish remember to take notes of the worker nodes joining command Execute export KUBECONFIG etc kubernetes admin conf in your shell for the kubectl to work Deploy CalicoGet the latest copy of the calico configuration yaml file by curl O Change the path to install the FlexVolume driver by sed i s usr libexec kubernetes kubelet plugins volume exec var lib kubelet volume plugin g calico yaml as in Transactional Atomic systems usr libexec kubernetes is read only Finally apply the yaml file by kubectl apply f calico yaml Wait for all the pods to be available watch kubectl get pods all namespacesYou can check the Events of the pod to get the error messages if you are waiting too much time on a specific pod kubectl describe pods n kube system lt Pod Name gt Configuring the WorkerStart the worker Virtual Machine login as root change the host name as it can t be the same with the master hostnamectl set hostname worker Finally execute the worker nodes joining command just noted ignoring the hostname could not be reached warnings since we didn t and don t need to configure the DNS Then wait for the worker to be available Done	2022-01-27 16:37:17
海外TECH	DEV Community	Building Native Desktop Apps with Electron.JS	https://dev.to/codesphere/building-native-desktop-apps-with-electronjs-4m8n	Building Native Desktop Apps with Electron JSGone are the days where Javascript is locked behind the shackles of a browser Electron or Electron js is a framework maintained by the OpenJS foundation to build native desktop applications using web technologies like JavaScript HTML and CSS More and more native applications like Spotify VSCode and Slack are all being built using Electron This open source framework uses Chromium and Node js and it can be used to create cross platform applications compatible with Windows Mac and Linux In this article we ll build a simple tic tac toe game with Electron that can run locally Basics of ElectronElectron consists of three primary components Chromium that handles all the web content Node js that handles interaction with the operating systemCustom APIs for additional functionality and solving common issues when dealing with the OSAll these components work together to facilitate a desktop application Additionally Electron includes two primary processes The main process handles window management all OS interactions and the renderer process is responsible for the web content The renderer process cannot directly interact with the OS and only communicates with it through the Main process Depending on the application there can be multiple renderer processes for a single main process However in most cases a single main process with a single renderer that s used to load the web application is used With the explanation out of the way let s start building Setting up Our ProjectTo use Electron you will need to have Node js installed in your environment We can start by creating our npm project by runningnpm initAfter setting up our project we can install Electron with npm i D electron latestCreating the Electron ApplicationFor our Electron app we re going to use a simple HTML page to facilitate a game of pong This way we just need to focus on the Electron aspects of the application and not on the game itself A couple of weeks ago we made Pong with just a lines of code so we ll use that reuse that projectWe will create two files in our project folder index js which will act as our main node process while pong html which will act as the renderer process to load the weather data The index js file will facilitate the window creation for the application and load the appropriate renderer process In this instance our pong html file will look like this We can now run our application locally with electron index jsAnd there we have it Our html file is running natively ConclusionElectron s increasing popularity makes it a must learn for aspiring developers Not to mention if you re a web developer looking to make a quick native version of your website Electron is likely the best option If you re building software and looking to eliminate bottlenecks look no further than Codesphere for you cloud service needs We re building Codesphere to be the most intuitive cloud and devops tool on the market Happy coding	2022-01-27 16:03:56
Apple	AppleInsider - Frontpage News	Belkin BoostCharge Pro Portable Wireless Charger Pad for MagSafe review: A pricey, but better option	https://appleinsider.com/articles/22/01/27/belkin-boostcharge-pro-portable-wireless-charger-pad-for-magsafe-review-a-pricey-but-better-option?utm_medium=rss	Belkin BoostCharge Pro Portable Wireless Charger Pad for MagSafe review A pricey but better optionWith a price tag pushing Belkin has a lot to prove with its inelegantly named BoostCharge Pro Portable Wireless Charger Pad for MagSafe Belkin s MagSafe puck on our iPhone ProIt s taken well more than a year from MagSafe s initial introduction to get our first third party MagSafe cable In that time we ve seen the market inundated with cheap Qi chargers surrounded by magnets that pale in comparison to the real thing This isn t that Read more	2022-01-27 16:41:33
Apple	AppleInsider - Frontpage News	Apple evaluating Chinese display maker CSOT for potential OLED orders	https://appleinsider.com/articles/22/01/27/apple-evaluating-chinese-display-maker-csot-for-potential-oled-orders?utm_medium=rss	Apple evaluating Chinese display maker CSOT for potential OLED ordersChina based display manufacturer CSOT is reportedly evaluating its production lines in a bid to supply iPhone OLED panels to Apple iPhone Pro modelsCSOT has reportedly formed a team to evaluate suitability of its production lines for OLED displays for Apple According to The Elec CSOT and Apple recently reviewed an OLED panel produced by its T factory in Wuhan China Read more	2022-01-27 16:16:16
海外TECH	Engadget	Wyze will discontinue its first camera on February 1st	https://www.engadget.com/wyze-cam-v1-discontinued-security-update-162413814.html?src=rss	Wyze will discontinue its first camera on February stAlmost five years since it released its first security camera Wyze is putting the device out to pasture The company says it will retire Wyze Cam v on February st because the camera is unable to support a required security update Wyze told customers in an email that they ll still be able to use the camera after the end of this month but it won t quot sell improve or maintain quot it as of February st The company added that quot your continued use of the Wyze Cam v after February carries increased risk is discouraged by Wyze and is entirely at your own risk quot though it didn t offer more details As a thank you for buying its first product Wyze offered customers a coupon for off their next camera The Wyze Cam v typically costs Earlier this month Wyze announced a pay what you want plan for its cameras Users will need to opt into the new Cam Plus Lite service which they don t need to pay for or the Cam Plus plan to retain access to cloud storage features as of February th It s unclear whether this change played a role in the decision to retire Wyze Cam v nbsp Engadget has contacted Wyze for comment nbsp Thanks Scott	2022-01-27 16:24:13
海外TECH	Engadget	The 2020 iPad Air is on sale for $539 right now	https://www.engadget.com/the-2020-ipad-air-is-on-sale-for-539-right-now-161749344.html?src=rss	The iPad Air is on sale for right nowIf you missed the sale earlier this month you have another chance to get off Apple s iPad Air At the time of writing this the green silver and blue models are down to which is percent off and one of the best prices we ve seen in months We considered this to be the best iPad for most people when it first came out and it remains a great option for those that want a powerful versatile tablet that won t break the bank Buy iPad Air at Amazon Yes there are newer iPads available now ーeven the base inch iPad Air received an update last year ーbut the Air still sits in the middle of Apple s lineup It runs on the A Bionic chipset with a six core CPU and a four core GPU and these discounted models have WiFi support GB of storage and a inch Liquid Retina Display with True Tone The updated flat edged design has a USB C port for charging and a power button with a built in fingerprint reader for extra security The iPad Air also supports the second generation Apple Pencil so artists and those who prefer to take hand written notes could use it as their main digital notebook While we suggest considering the M iPad Pros if you want a true laptop replacement the iPad Air can act as one too It has speedy performance a hour battery life and it can connect to Apple s Smart Keyboard Folio and the Magic Keyboard so you have a number of ways to turn it into a in machine There are plenty of perks to the M iPad Pros when it comes to productivity but you ll pay at least more for one of those So despite the fact that it is almost two years old the iPad Air remains a good option if you want a tablet that can keep up with you on your busiest days Follow EngadgetDeals on Twitter for the latest tech deals and buying advice	2022-01-27 16:17:49
金融	金融庁ホームページ	「銀行法施行規則等の一部を改正する内閣府令（案）」等について公表しました。	https://www.fsa.go.jp/news/r3/sonota/20220127/20220127.html	内閣府令	2022-01-27 17:00:00
金融	金融庁ホームページ	外国監査法人等の廃業等の届出について公表しました。	https://www.fsa.go.jp/news/r3/sonota/20220127-haigyo.html	監査法人	2022-01-27 17:00:00
金融	金融庁ホームページ	IOSCOによる報告書「グローバル監督カレッジの活用から得られた教訓」について掲載しました。	https://www.fsa.go.jp/inter/ios/20220127/20220127.html	iosco	2022-01-27 17:00:00
ニュース	ジェトロ ビジネスニュース（通商弘報）	製造業の海外投資拡大で国内雇用減が進む、全経連発表	https://www.jetro.go.jp/biznews/2022/01/a90f453ba3e2856b.html	海外投資	2022-01-27 16:20:00
ニュース	ジェトロ ビジネスニュース（通商弘報）	ドバイで医療機器見本市「アラブヘルス」が開幕	https://www.jetro.go.jp/biznews/2022/01/1e12843fd4e5b5fd.html	医療機器	2022-01-27 16:10:00
ニュース	BBC News - Home	Sue Gray's No 10 parties report will be published in full, says Boris Johnson	https://www.bbc.co.uk/news/uk-politics-60153808?at_medium=RSS&at_campaign=KARANGA	inquiry	2022-01-27 16:11:46
ニュース	BBC News - Home	Ukraine crisis: Nord Stream 2 pipeline could be axed, US warns	https://www.bbc.co.uk/news/world-europe-60151839?at_medium=RSS&at_campaign=KARANGA	europe	2022-01-27 16:11:55
ニュース	BBC News - Home	Boris Johnson denies authorising animal evacuation from Kabul	https://www.bbc.co.uk/news/uk-politics-60155840?at_medium=RSS&at_campaign=KARANGA	animals	2022-01-27 16:50:52
ニュース	BBC News - Home	Barry Cryer: Tributes paid to veteran comedian and writer	https://www.bbc.co.uk/news/entertainment-arts-60154371?at_medium=RSS&at_campaign=KARANGA	stephen	2022-01-27 16:51:13
ニュース	BBC News - Home	Chris Whitty assault: Man jailed for eight weeks over attack	https://www.bbc.co.uk/news/uk-england-london-59746659?at_medium=RSS&at_campaign=KARANGA	assault	2022-01-27 16:19:31
ニュース	BBC News - Home	Covid: Care home restrictions to be eased in England	https://www.bbc.co.uk/news/uk-60151596?at_medium=RSS&at_campaign=KARANGA	isolation	2022-01-27 16:25:48
ニュース	BBC News - Home	F35-C fighter jet: Race is on to reach sunken US plane... before China	https://www.bbc.co.uk/news/world-us-canada-60148482?at_medium=RSS&at_campaign=KARANGA	abyss	2022-01-27 16:47:18
ニュース	BBC News - Home	Covid vaccines: The unvaccinated NHS workers facing the sack	https://www.bbc.co.uk/news/uk-60104140?at_medium=RSS&at_campaign=KARANGA	deadline	2022-01-27 16:39:02
ビジネス	ダイヤモンド・オンライン - 新着記事	【ご神仏のメッセージを感じる尼僧が教える】絶望、失敗、しくじりが、じつは幸せへの道筋かもしれないといえる訳 - 迷いをすっきり消す方法	https://diamond.jp/articles/-/293864	道筋	2022-01-28 01:55:00
ビジネス	ダイヤモンド・オンライン - 新着記事	40代を過ぎても転職すべき人と今の会社に残る方がいい人の差 - 転職が僕らを助けてくれる	https://diamond.jp/articles/-/294549	代を過ぎても転職すべき人と今の会社に残る方がいい人の差転職が僕らを助けてくれる「今の会社で働き続けていいのかな」「でも、転職するのは怖いな……」。	2022-01-28 01:50:00
北海道	北海道新聞	道内感染延べ８万人超、死者１４９４人　コロナ初確認から２年	https://www.hokkaido-np.co.jp/article/638694/	新型コロナウイルス	2022-01-28 01:11:00
北海道	北海道新聞	埼玉の住宅で立てこもり、銃所持か　２人搬送、腹部から出血も	https://www.hokkaido-np.co.jp/article/638720/	埼玉県ふじみ野	2022-01-28 01:03:37
海外TECH	reddit	Apex Legends: Defiance Launch Trailer	https://www.reddit.com/r/apexlegends/comments/se1pxi/apex_legends_defiance_launch_trailer/	Apex Legends Defiance Launch Trailer submitted by u paradoxally to r apexlegends link comments	2022-01-27 16:02:55
GCP	Cloud Blog	Managing consent in Embedded Finance	https://cloud.google.com/blog/topics/financial-services/managing-consent-in-embedded-finance/	Managing consent in Embedded FinanceWhen banks and other financial institutions make their products available via non banks we call that Embedded Finance Think for example of a retailer offering financing for people buying goods or a budgeting app gathering bank transactions to help you categorize and understand your spending patterns The finance the money management has been embedded into the retailer or the budgeting experience This last example falls under the Data Exchange category of Embedded Finance and it s often also called Open Banking In many countries this active data exchange is actually mandated by law with specific Open Banking standards encoded into law for all financial institutions As of this blog post there are approximately countries with such laws already in place or currently being worked on In an Embedded Finance scheme there are three main players The financial institution offering their products and services a third party provider TPP making use of those products or services and an end user who is a customer of the financial institution and is interacting with the TPP The most important ingredient for these schemes is consumer trust If a consumer does not trust that their data will be safely shared with a third party and that they can easily understand the terms they have agreed to and stop sharing their data whenever they want to consumers will simply not participate When a consumer agrees for their data to be shared this is called consent What components do I need for a successful Embedded Finance solution Banks products and services are made available to other parties via APIs thus a fundamental component is an API Management platform An API Management Platform lets you design secure analyze and scale APIs anywhere with visibility and control Also we need a component to manage consents given by end users Consent Management refers not only to the capability of checking whether a certain action by a third party eg access an end user s account balance is valid according to the consent granted by the end user to that TPP  but also the availability of tools for end users to check existing consents modify them or revoke them as well as tools for financial institutions to perform similar actions on behalf of their customers Finally we need an Identity Platform capable of authenticating an end user and establishing their identity A Google Cloud based embedded finance solution uses Apigee as the API management platform Identity Platform or your own identity platform of choice and a consent management service CMS  Google Cloud has partnered with two leading providers in the consent management space Clarip and CloudEntity How do these components work together The main roles and responsibilities of each of the three components are quite clear but there is a certain degree of flexibility on how to orchestrate the interactions between the components and which component performs which function when there is an overlap of functionality between them Google Cloud has tested the following interaction patterns Interaction Pattern Apigee as the main orchestratorIn this interaction pattern Apigee interacts with both the consent management service and the identity platform coordinating end user authentication with the identity platform and authorization and consent with the consent management service Apigee acts as the “broker between users their identity and their consent Interaction Pattern The consent management service abstracts the identity platform In this case the consent management service manages all the interactions with the identity management platform and the identity platform acts as the “broker Apigee only interacts with the consent service The three components share a common pool of client apps and end users One of the components is typically designated as the source of truth for these entities while the other components that need to know about these entities synchronize that information from the source of truth  The identity platform is typically the source of truth for end user identities and the consent management component will synchronize that information by pulling it from the identity platform  The consent management service is the source of truth for user opt in and current consent status Apigee will either check with the service the validity of a consent every time a request comes through or to make it more efficient it will validate the main attributes of the consent based on information stored in Apigee To maintain consistency the consent management service should tell Apigee to invalidate any tokens associated with a consent when it is revoked via other means for example if an end user revoked consent from a consent dashboard For client apps either Apigee or the consent management component can act as the source of truth with the other component synchronizing the information In the context of Open Banking in particular standards often mandate that financial institutions support Dynamic Client Registration This means having endpoints that new clients can use to register themselves as clients for the Open Banking APIs In this case the synchronization of clients can easily be incorporated into Dynamic Client Registration Let s look now into more detail about how the three components interact There are two user journeys that are particularly relevant Authentication Authorization ConsentThis is the beginning of the typical consumer client journey when an end user starts using a third party app that requires access to that user s data The third party app needs to authenticate itself and request authorization to access the user s data This will trigger the authentication of the end user and consent granting Consent granting being the process of the user authorizing the operations the app will execute on their behalf and establishing the list of accounts on which these operations will be performed The authorization is represented by an access token which the app will need to include in all subsequent requests This is quite a complex journey with many steps involved in order to make this as secure as possible To make it easier to understand we will simplify some of the steps apologies in advance to you OIDC FAPI experts out there At a high level these are the steps involved in this user journey End user starts using an appThe app requests permission to access user s dataThe identity platform IdP authenticates the end userThe consent management service obtains consent from end userAn access token is issued for the app encapsulating the authorized permissions accounts etc A refresh token is also issued the access token normally has a short life measured in minutes but the app can use the refresh token which typically lasts much longer days or months in order to obtain a new access token without the need of going through the end user authentication authorization consent process again The way these steps are orchestrated varies depending on the interaction pattern among the components Pattern Apigee orchestrates all interactionsWhen the client requests permission Apigee will record the request and then redirect the client app to the IdP login page Once the end user logs in the IdP will return an authorization code to the callback URL that Apigee registered in the IdP configuration Apigee will then redirect the client app to the Consent Management service so that the consent form is displayed Once the user grants consent selects the desired permissions and selects the accounts it will apply to the Consent Management Service will update Apigee with the status of the consent via a callback Apigee registered in the consent configuration Now that the end user has authenticated and granted consent Apigee can now issue an authorization code and associate all the necessary information for instance details about the consent the authorization code issued by the Identity Platform IdP the identification of the end user in the IdP etc Apigee will return this authorization code to the client app via a callback endpoint that the app provided when registering with Apigee The app will then exchange the authorization code for an access token Apigee will obtain an access token from the IdP abd update the status of the consent before issuing an access token to the client Pattern The Consent Management Service is the center of the ArchitectureIn Pattern Apigee will only communicate with the Consent Management Service which acts as an authorization server for the app and will also coordinate all interaction with the IdP When the client requests permission Apigee will forward the request to the CMS The CMS will record the request and then redirect the client app to the IdP login page Once the end user logs in the IdP will return an authorization code to the callback the CMS registered in the IdP configuration The CMS then displays the consent form Once the user approves the consent and selects the desired permissions and accounts it will apply to the Consent Management Service will return an authorization code to Apigee via a callback Apigee registered in the CMS configuration From now on the flow is the same as explained above Apigee will issue an authorization code associate all the necessary information and will return this authorization code to the client app via a callback endpoint The app will then exchange the authorization code for an access token Apigee will obtain an access token from the CMS before issuing an access token to the client Let s now look at the other relevant user journey Access shared data Once the third party app has been authorized it will then start requesting that end user s data For instance it may request the list of accounts or the balance of a particular account  When that request goes through a series of checks need to be performed Is this third party app still authorized Has it been granted the right permission for the operation being requested Is the account involved included in the list of accounts authorized by the end user Apigee can perform all these checks by inspecting the access token presented by the third party app  There is however one other check which cannot be done simply by inspecting the token Imagine for a moment that in between the user granting consent and the app requesting the user s data the end user decided to revoke that consent This could be done by other means than the app itself for instance by checking all consents granted to all apps in a consent dashboard accessible via other channels such as an “Internet Banking site When the app requests the user data the token is still valid however the consent has already been revoked Therefore in this user journey Apigee will check with the Consent Management service to check if the consent is still valid This adds a bit of overhead which can be minimized by other means For instance one popular optimization is to make sure that the Consent Management service asks Apigee to revoke any access or refresh tokens associated with a given consent when that consent is revoked via other channels If that guardrail is in place then Apigee can determine if a request should be allowed simply by validating the access token and using the consent information stored alongside the token The following diagram summarizes the interactions required between Apigee and the Consent Management component The interaction is essentially the same in both interaction patterns What s next In this article we have described how Apigee a Consent Management service and an Identity Platform are the fundamental ingredients of a successful and secure Embedded Finance solution We have also looked at how these components interact with each other to keep user consent consistent and available Both interaction patterns described are valid and have been proven to work So which one may be right for you The answer ultimately depends on your particular requirements the choice of consent management service and your choice of identity platform As a rule of thumb if you have multiple application experiences identity systems and sources of consent an Apigee centric architecture is a great solution If you are looking at a Consent Management service in the context of an Open Banking implementation mandated by a centralized authority eg Open Banking Brazil Consumer Data Standards in Australia CloudEntity is a good choice for consent management as their product is also Certified Financial grade API FAPI OpenID Provider with profiles for the various Open Banking standards CloudEntity integrates with Apigee using Pattern  For more details on both Clarip and CloudEntity s offerings and how their particular solution works with GCP please check Clarip Universal Consent Management Platform GDPRCloudEntity Certified OpenBanking  amp Consent UK Brazil and Australia at scaleFor more details on Apigee API Management see You can also learn about our solutions for retail banking or contact sales Related ArticleRead Article	2022-01-27 17:00:00
GCP	Cloud Blog	Expanding support for early-stage startups on Google Cloud	https://cloud.google.com/blog/topics/startups/expanding-support-for-early-stage-startups-on-google-cloud/	Expanding support for early stage startups on Google CloudStartups are uniquely adept at solving difficult challenges and Google is committed to partnering with these organizations and delivering technology to help them do so as they start build and grow Over the past year we ve deepened our focus on helping startups scale and thrive in the cloud including launching new resources and mentorship programs hosting our first ever Google Cloud Startup Summit growing our team of startup experts and more With the new year in full swing I m excited to roll out several new offerings and updates designed to support startups even more effectively First we will align Google Cloud s startup program with Google for Startups to ensure startup customers enjoy a consistent experience across all of Googleーincluding Google Cloud infrastructure and servicesーand to provide founders access to Google mentors products programs and best practices Going forward our program will be the Google for Startups Cloud Program Next we ll deepen our commitment to supporting founders that are just starting out when access to the right technology and expertise can have a massive impact on their company s growth trajectory Early stage startups are particularly well positioned to move quickly and solve problems but they need the ability to scale with minimal costs to pivot to address a new opportunity and to leverage expertise and resources as they navigate new markets and investors   Supporting early stage startups is a key goal of the Google for Startups Cloud Program and today I m thrilled to announce a new offer for funded startups that will make it easier for these companies to get access to the technology and resources they need  Providing new Google Cloud credits for early stage startupsStarting now the Google for Startups Cloud Program will cover the first year of Google Cloud usage for investor backed startups through series A rounds up to For most startups this will mean they can begin building on Google Cloud at no cost ensuring they can focus on innovation growth and customer acquisition In their second year of the program startups will have of their Google Cloud usage costs covered up to an additional in credits This new offering will make it simpler for startups to access to Google Cloud s capabilities in AI ML and analytics and to rapidly build and scale on Google Cloud infrastructure with services like Firebase and Google Kubernetes Engine GKE Learn more about this new offer and eligibility requirements here Connecting startup customers to Google know how and supportWe know that navigating decisions as a fast scaling startup can be challenging Last year we introduced our global Startup Success Team as a dedicated Google Cloud point of contact for startups in our program as they build Now that this team is fully up and running we re expanding it to all qualified early stage startups in the Google for Startups Cloud Program These guides will get to know the unique needs of each startup throughout their two years in the program and will help connect them with the right Google teams to help resolve any technical go to market or credit questions along the way As a customer grows in their usage and expertise with Google Cloud they ll be connected to our startup expert account teams to continue their journey   The Google for Startups Cloud Program joins Google s numerous offerings for entrepreneurs In addition to receiving mentorship tailored resources and technical support from Google subject matter experts participating startups are eligible for additional Google product benefits to help their business including Google Workspace Google Maps and more Founders can take advantage of workshops events and technical training courses as well as Google for Startups programsand partner offerings They can also tap into a supportive network of peers through our new CC Connect digital community just for founders and CTOs building on Google Cloud  Helping startups focus on innovation not infrastructureOur goal is to help startups move fast now without creating technical debt that will slow them down later With our fully managed serverless offerings like Cloud Run Firestore Firebaseand BigQuery startups can spend their time on their roadmap rather than infrastructure management And as they go from MVP to product to scale startups don t need to overhaul their architectureーGoogle Cloud services scale with them That s how Nylas a startup focused on business productivity is able to rapidly scale its platform and support larger enterprise customers all while growing its revenue by X FLYR Labs is helping airlines better manage revenue and forecast demand with a platform powered by Google Cloud data and AI capabilities and running on GKE Sniip is rapidly growing adoption of its app that helps people more easily track and pay bills leveraging GKE to scale quickly and Cloud Run to empower their developers With Google Cloud startups benefit from a business and technology partnership to help them build and go to market We ll work with founders from the early prototypes to global scale as they expand to new markets Startups around the world are choosing to build with Google Cloud Join us and let s get solving Related ArticleRead Article	2022-01-27 16:30:00